Blog

KIO Networks will be hosting two events in partnership with VirtuCrypt on November 28th in Mexico City, Mexico and December 4th in Monterrey, Mexico. Both events will not only provide a complimentary breakfast but also include informative presentations covering what Crypto-as-a-Service could mean for your enterprise’s data security ecosystem. The landscape of data security is ever-changing, and now more than ever it is a must for companies to seek the best options that puts them ahead of the curve.

Futurex and VirtuCrypt are the industry’s only single-vendor providers of complete cryptographic infrastructures for payment security. Many of Futurex’s most important services, like PIN encryption and validation, P2PE, and tokenization, rely on secure and compliant key management. In this blog post, we outline Futurex's solutions for remote key loading for ATM, Point of Sale, and IoT devices.

In order for the endpoint device (whether an ATM, Point of Sale terminal, or IoT device) to receive symmetric encryption keys for PAN or PIN encryption, it must first establish a secure connection with the remote key platform. PKI is a form of asymmetric cryptography where the sender and receiver use public and private keys to both decrypt messages and verify each other’s identity. PKI allows the endpoint device and the RKL platform to verify each other’s identities and securely exchange keys. In this blog post, we outline the primary cryptographic techniques used for remote key loading to ATM, Point of Sale, and IoT devices.

Successful RKL operations require collaboration and standardized communication protocols between the device manufacturer and the RKL provider. The backbone of RKL is trust at both ends of the key exchange, one end being the RKL provider and the other being the field-level device. In this blog post, we spotlight the role of device manufacturers, whether ATM, Point of Sale, or IoT in general, in deploying compliant remote key loading functionality.

We all depend on encryption keys in one way or another. While few
people outside the payments industry are aware of this, anytime you
present your payment card at a Point of Sale (POS) terminal or use an
ATM, an encryption key quickly goes to work to encrypt the PIN or the
primary account number (PAN) associated with your card. This encryption
obscures the data and protects against information theft as the
transaction is sent back to the card issuer for validation. For this
process to work, an encryption key must be securely loaded into that
endpoint device, whether it be an ATM, a POS terminal, or even a commercial off-the-shelf device used for payment acceptance.